Kraven2323
Staff
Article Id 333353

Description

This article describes, with an example, how 'route-map-out-preferable' works with the BGP route-tag and how it is used together with an SD-WAN rule.

Scope

FortiGate.

Solution

Prerequisites:

  1. SD-WAN with 'SLA' and 'config neighbor'. See the documentation.

  2. BGP with route-map. See the documentation.

 

The scenario below shows the route-tag on the HUB for the BGP route received from the Branch when the SLA is met:

 

Kraven2323_24-1723684629128.png

 

In this scenario, the SD-WAN rule in the HUB was configured to follow the route tagging.

 

Kraven2323_25-1723684629130.png

 

Consider the SD-WAN rule for Dialup_1_1, which is meeting the SLA first.

 

Kraven2323_26-1723684629132.png

 

On the Branch, the route-map configuration uses route-map-out-preferable when the SLA is met and route-map-out when the SLA is not met.

 

Kraven2323_27-1723684629133.png

 

Kraven2323_28-1723684629135.png
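
A Branch-side configuration of the kind described above, as an added example that is not taken from the original article or its screenshots. The neighbor address 10.10.1.1, the health-check name HUB_HC, the route-map names and the community values are constructed, and it assumes the Branch signals SLA state with BGP communities that the HUB maps to route-tags in its own inbound route-map (not shown).

```fortios
# Constructed example: names, addresses and community values are assumptions.
# Route-map advertised while the SD-WAN SLA is met.
config router route-map
    edit "rm-sla-ok"
        config rule
            edit 1
                set set-community "65000:1"
            next
        end
    next
    # Route-map advertised while the SLA is NOT met.
    edit "rm-sla-fail"
        config rule
            edit 1
                set set-community "65000:5"
            next
        end
    next
end
# BGP neighbor (the HUB): preferable map when healthy, plain out map otherwise.
config router bgp
    config neighbor
        edit "10.10.1.1"
            set route-map-out "rm-sla-fail"
            set route-map-out-preferable "rm-sla-ok"
        next
    end
end
# Tie the BGP neighbor to an SD-WAN member and the SLA that decides
# which of the two route-maps is applied.
config system sdwan
    config neighbor
        edit "10.10.1.1"
            set member 1
            set health-check "HUB_HC"
            set sla-id 1
        next
    end
end
```

If the 'config neighbor' entry under 'config system sdwan' is missing, nothing ties the BGP neighbor to the SLA, so verify both sections together when an expected route-tag change does not appear on the HUB.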

 

Now, make Dialup_1_1 fail the SLA from the Branch.

Note that the route-tag for Dialup_1_1 changes to 5.

 

Kraven2323_29-1723684629137.png

 

Note that the SD-WAN rule is no longer matched, because the route-tag does not match.

 

Kraven2323_30-1723684629138.png

 

This causes the traffic to use other SD-WAN rules that match the SLA.

When the SLA recovers, the SD-WAN rule will be used again.

 

Kraven2323_31-1723684629143.png

 

Additional detailed testing scenario:

SD-WAN self-healing with BGP - FortiGate documentation.
